data/reports: update GO-2023-2386.yaml

Aliases: CVE-2023-45292, GHSA-5mmw-p5qv-w3x5 Updates #2386 Change-Id: I5d7e7d734d4f32339ff1bc23e078752f4122ab2f Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/549595 Run-TryBot: Tim King <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]> TryBot-Result: Gopher Robot <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
golang · Dec 14, 2023 · 96afd46 · 96afd46
1 parent 8cb4ef6
commit 96afd46
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/data/osv/GO-2023-2386.json b/data/osv/GO-2023-2386.json
@@ -4,7 +4,8 @@
   "modified": "0001-01-01T00:00:00Z",
   "published": "0001-01-01T00:00:00Z",
   "aliases": [
-    "CVE-2023-45292"
+    "CVE-2023-45292",
+    "GHSA-5mmw-p5qv-w3x5"
   ],
   "summary": "Captcha verification bypass in github.com/mojocn/base64Captcha",
   "details": "When using the default implementation of Verify to check a Captcha, verification can be bypassed.\n\nFor example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.",

diff --git a/data/reports/GO-2023-2386.yaml b/data/reports/GO-2023-2386.yaml
@@ -16,6 +16,8 @@ description: |-
     For example, if the first parameter is a non-existent id, the second parameter
     is an empty string, and the third parameter is true, the function will always
     consider the Captcha to be correct.
+ghsas:
+    - GHSA-5mmw-p5qv-w3x5
 credits:
     - '@cangkuai'
 references: